Black Box EncrypTight Appliance Trim Kit User Manual


 
Policy Design Examples
216 EncrypTight User Guide
These hub and spoke policies require the four network sets created in “Encrypt Traffic Between Regional
Centers” on page 214 and twelve network sets for the branch networks.
The next three tables show the four regional hub and spoke policies.
Using Network Sets A, A1, A2, and A3, create a hub and spoke policy for region A as shown in the
following table:
Table 56 Network sets for the hub and spoke policies

                 Networks                              PEPs     Default ETKMS
Network Set A1   192.33.5.0 netmask 255.255.255.0      PEP A1   ETKMS 1
Network Set A2   192.33.6.0 netmask 255.255.255.0      PEP A2   ETKMS 1
Network Set A3   192.33.9.0 netmask 255.255.255.0      PEP A3   ETKMS 1
Network Set B1   172.44.5.0 netmask 255.255.255.0      PEP B1   ETKMS 1
Network Set B2   172.44.6.0 netmask 255.255.255.0      PEP B2   ETKMS 1
Network Set B3   172.44.7.0 netmask 255.255.255.0      PEP B3   ETKMS 1
Network Set C1   100.22.5.0 netmask 255.255.255.0      PEP C1   ETKMS 1
Network Set C2   100.22.7.0 netmask 255.255.255.0      PEP C2   ETKMS 1
Network Set C3   100.22.9.0 netmask 255.255.255.0      PEP C3   ETKMS 1
Network Set D1   100.33.2.0 netmask 255.255.255.0      PEP D1   ETKMS 1
Network Set D2   100.33.3.0 netmask 255.255.255.0      PEP D2   ETKMS 1
Network Set D3   100.33.5.0 netmask 255.255.255.0      PEP D3   ETKMS 1
Table 57 Region A hub and spoke policy

Field                          Setting
Name                           Region A Hub and Spoke
Priority                       900
Renew Keys/Refresh Lifetime    4 hours
Type                           IPSec
IPSec                          Encryption Algorithms - AES
                               Authentication Algorithms - HMAC-SHA-1
Key Generation                 By Network Set
Addressing Mode Override       Preserve internal network addresses
Minimize Policy Size           Disable
Hub                            Network Set A
Spokes                         Network Set A1
                               Network Set A2
                               Network Set A3
Protocol                       Any
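
The following added example (not part of the EncrypTight guide or product) models the Region A policy from Table 57 with the spoke network sets from Table 56, checks the sets for overlap, and reports whether a given flow falls under the policy. It assumes that a hub and spoke policy covers only hub-to-spoke and spoke-to-hub traffic; the address used for Network Set A is a placeholder because that set is defined on page 214, and all function names are hypothetical.

```python
import ipaddress

# Region A spoke network sets, copied from Table 56.
SPOKES = {
    "Network Set A1": ("192.33.5.0", "255.255.255.0"),
    "Network Set A2": ("192.33.6.0", "255.255.255.0"),
    "Network Set A3": ("192.33.9.0", "255.255.255.0"),
}
# PLACEHOLDER: Network Set A is defined on page 214, not on this page.
# 192.0.2.0/24 (a documentation range) is a constructed stand-in.
HUB = {"Network Set A": ("192.0.2.0", "255.255.255.0")}


def to_networks(sets):
    """Parse 'address netmask' pairs; raises ValueError if host bits are set."""
    return {name: ipaddress.ip_network(f"{addr}/{mask}")
            for name, (addr, mask) in sets.items()}


def overlapping_sets(networks):
    """Return pairs of network sets whose address ranges overlap."""
    names = sorted(networks)
    return [(a, b) for i, a in enumerate(names) for b in names[i + 1:]
            if networks[a].overlaps(networks[b])]


def find_set(ip, networks):
    """Return the name of the network set containing ip, or None."""
    addr = ipaddress.ip_address(ip)
    return next((name for name, net in networks.items() if addr in net), None)


def policy_action(src, dst):
    """'encrypt' when the flow is hub<->spoke (assumed policy scope), else 'no match'.

    Protocol is not checked because Table 57 sets Protocol to Any.
    """
    hub, spokes = to_networks(HUB), to_networks(SPOKES)
    src_hub, dst_hub = find_set(src, hub), find_set(dst, hub)
    src_spoke, dst_spoke = find_set(src, spokes), find_set(dst, spokes)
    if (src_hub and dst_spoke) or (src_spoke and dst_hub):
        return "encrypt"
    return "no match"


if __name__ == "__main__":
    print(overlapping_sets({**to_networks(HUB), **to_networks(SPOKES)}))
    print(policy_action("192.33.5.10", "192.0.2.20"))   # spoke A1 -> hub
    print(policy_action("192.33.5.10", "192.33.6.10"))  # spoke A1 -> spoke A2
```

A flow reported as "no match" is not covered by this policy and is handled by whatever other policies apply to it.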